//package com.woniu.filter;
//
//import com.fasterxml.jackson.databind.ObjectMapper;
//import com.woniu.util.JwtVerifyGetUserNameUtils;
//import com.woniu.util.ResultVO;
//import org.apache.commons.lang3.StringUtils;
//import org.apache.shiro.subject.PrincipalCollection;
//import org.apache.shiro.subject.SimplePrincipalCollection;
//import org.apache.shiro.util.ThreadContext;
//import org.apache.shiro.web.filter.AccessControlFilter;
//import org.apache.shiro.web.subject.WebSubject;
//
//import javax.servlet.ServletRequest;
//import javax.servlet.ServletResponse;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.PrintWriter;
//
///**
// * @author 李桢
// * @time 2021/04/02 14:36:29
// */
//public class CORSAuthenticationFilter extends AccessControlFilter {
//
//    @Override
//    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
//
//       //放行OPTIONS方法
//        if (((HttpServletRequest) request).getMethod().toUpperCase().equals("OPTIONS")) {
//            return true;
//        }
//
//        //若请求没有携带token，拒绝访问
//        String token = ((HttpServletRequest) request).getHeader("token");
//        if (StringUtils.isEmpty(token)) {
//            return false;
//        }
//
//        //验证token是否合法
//        boolean bb = JwtVerifyGetUserNameUtils.verifyToken(token);
//        if (bb) {
//            // 从token中获取用户“身份”
//            String username = JwtVerifyGetUserNameUtils.getUsername(token);
//            // 将用户“身份”封装到shiro的PrincipalCollection中
//            PrincipalCollection principals = new SimplePrincipalCollection(username, "authorizingRealm");
//            // 创建一个直接拥有“身份”的主体
//            WebSubject.Builder builder = new WebSubject.Builder(request, response);
//            builder.principals(principals);
//            // 直接认证通过
//            builder.authenticated(true);
//            WebSubject subject = builder.buildWebSubject();
//            // 将已经拥有“身份”的用户，塞入容器，统一调用
//            ThreadContext.bind(subject);
//        }
//        return bb;
//    }
//
//
//    @Override
//    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
//        HttpServletResponse resp = (HttpServletResponse) response;
//        resp.setHeader("Access-Control-Allow-Origin", "*");
//        resp.setHeader("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE,OPTIONS");
//        resp.setHeader("Access-Control-Allow-Headers", "X-Requested-With");
//        resp.setHeader("Access-Control-Allow-Credentials", "true");
//
//        resp.setStatus(HttpServletResponse.SC_OK);
//        resp.setContentType("application/json;charset=utf8");
//        PrintWriter writer = resp.getWriter();
//
//        ResultVO resultVO = new ResultVO();
//        resultVO.setCode(407);
//        resultVO.setMessage("对不起，您没有授权!");
//        ObjectMapper objectMapper = new ObjectMapper();
//        String json = objectMapper.writeValueAsString(resultVO);
//        writer.write(json);
//        writer.flush();
//        writer.close();
//
//        return false;
//    }
//}